• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.10 no.3
• /
• pp.1212-1228
• /
• 2016

Secure communication is an important aspect of today's interconnected environments and it can be achieved by the use of cryptographic algorithms and protocols. However, many existing cryptographic mechanisms are tightly integrated into communication protocols. Issues emerge when security vulnerabilities are discovered in cryptographic mechanisms because their replacement would eventually require replacing deployed protocols. The concept of cryptographic agility is the solution to these issues because it allows dynamic switching of cryptographic algorithms and keys prior to and during the communication. Most of today's secure protocols implement cryptographic agility (IPsec, SSL/TLS, SSH), but cryptographic agility mechanisms cannot be used in a standalone manner. In order to deal with the aforementioned limitations, we propose a lightweight cryptographically agile agreement model, which is formally verified. We also present a solution in the Agile Cryptographic Agreement Protocol (ACAP) that can be adapted on various network layers, architectures and devices. The proposed solution is able to provide existing and new communication protocols with secure communication prerequisites in a straightforward way without adding substantial communication overhead. Furthermore, it can be used between previously unknown parties in an opportunistic environment. The proposed model is formally verified, followed by a comprehensive discussion about security considerations. A prototype implementation of the proposed model is demonstrated and evaluated.

• Journal of KIISE:Information Networking
• /
• v.31 no.2
• /
• pp.179-187
• /
• 2004

Password authenticated key exchange protocols for the symmetric model are easier to design, analyze and are more efficient than ones for the asymmetric model, but they are most likely to be broken by server's compromise. Though the protocols with provable security for the asymmetric model such as PAK-X and SNAPI-X are introduced, they need large amount of computation compared with the standard Diffie-Hellman key exchange. We present a systematic and efficient way to transform password authenticated key exchange protocols for the symmetric model into protocols for the asymmetric model. Thus, an efficient protocol for the asymmetric model can be constructed by a systematic protocol with low computation.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.7 no.12
• /
• pp.3244-3260
• /
• 2013

A three-party password-based authenticated key exchange (PAKE) protocol allows two clients registered with a trusted server to generate a common cryptographic key from their individual passwords shared only with the server. A key requirement for three-party PAKE protocols is to prevent an adversary from mounting a dictionary attack. This requirement must be met even when the adversary is a malicious (registered) client who can set up normal protocol sessions with other clients. This work revisits three existing three-party PAKE protocols, namely, Guo et al.'s (2008) protocol, Huang's (2009) protocol, and Lee and Hwang's (2010) protocol, and demonstrates that these protocols are not secure against offline and/or (undetectable) online dictionary attacks in the presence of a malicious client. The offline dictionary attack we present against Guo et al.'s protocol also applies to other similar protocols including Lee and Hwang's protocol. We conclude with some suggestions on how to design a three-party PAKE protocol that is resistant against dictionary attacks.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.4 no.5
• /
• pp.776-796
• /
• 2010

Integrated RFID-WSNs (wireless sensor networks) have recently been researched to provide object identities, sensing information, mobile service, and network functionalities. In integrated RFID-WSNs, the reader collision is one of the critical problems. Above all, due to the absence of universally applicable anti-collision protocols and the channel capture phenomenon, the medium access control protocols in integrated RFID-WSNs suffer from reader collision and starvation problems. In this paper, we propose an efficient MAC protocol, called EMP, to avoid the above problems in integrated RFID-WSNs. EMP is a CSMA-based MAC protocol which is compatible with sensor networks operating on integrated nodes which consist of an RFID reader and a senor node. EMP resolves not only the reader collision problem, but also the starvation problem using a power control mechanism. To verify the performance of EMP, we compared it with other anti-reader collision MAC protocols using simulations. As a result, the performance of EMP showed improvements in throughput, system efficiency, and energy consumption compared to the single data channel protocols (CSMA/CA, Pulse, and DiCa) in dense deployment environments.

• The Journal of Korea Institute of Information, Electronics, and Communication Technology
• /
• v.8 no.6
• /
• pp.520-527
• /
• 2015

The key exchange protocols are very crucial tools to provide the secure communication in the broadband satellite access network. They should be required to satisfy various requirements such as security, key confirmation, and key freshness. In this paper, we present the security functions in ETSI(European Telecommunications Standards Institute), and analyze the specification of the security primitives and the key exchange protocols for the authenticated key agreement between RCST(Return Channel Satellite Terminal) and NCC(Network Control Centre). ETSI key exchange protocols consists of Main Key Exchange, Quick Key Exchange, and Explicit Key Exchange. We analyse the pros and cons of key exchange protocols based on performance analysis and performance evaluation.

• Journal of Korea Society of Industrial Information Systems
• /
• v.10 no.2
• /
• pp.59-66
• /
• 2005

Recently, Ku and Chen(Ku-Chen) showed some problems in the password based remote user authentication scheme using smartcards proposed by Chien et al. and proposed an improvement from it. This paper shows some weaknesses in the Ku-Chen's scheme, especially the replay attacks, and proposes two authentication protocols to solve the problems in it. First of all, an authentication protocol using synchronized timestamps is proposed to solve the problem in the Ku-Chen's protocol. Then, a nonce-based authentication protocol is proposed to solve the inherent problems in the synchronized timestamp-based authentication protocols. The proposed authentication protocols support the advantages in the previous password-based authentication protocols and solve the problems in them effectively.

• Journal of Communications and Networks
• /
• v.18 no.3
• /
• pp.502-512
• /
• 2016

The wireless carrier sense multiple access with collision detection (WCSMA/CD) and carrier sense multiple access with collision resolution (CSMA/CR) protocols are considered representative distributed collision detection protocols for fully connected dense wireless local area networks. These protocols identify collisions through additional short-sensing within a collision detection (CD) period after the start of data transmission. In this study, we analyze their throughput numerically and show that the throughput has a trade-off that accords with the length of the CD period. Consequently, we obtain the optimal length of the CD period that maximizes the throughput as a closed-form solution. Analysis and simulation results show that the throughput of distributed collision detection protocols is considerably improved when the optimal CD period is allocated according to the number of stations and the length of the transmitted packet.

• Journal of Communications and Networks
• /
• v.18 no.3
• /
• pp.351-363
• /
• 2016

This paper investigates the performance of interference-limited two-way transmission protocols in the Rayleigh fading channels. New lower bound of outage probability and approximate expression of bit error rate (BER) for three-phase two-way relaying (3P-TWR) protocol are derived in closed-form. These expressions are valid for arbitrary signal-to-noise ratio values, numbers of co-channel interferers and amajority of modulation formats employed in the practical system. Then a comparative study is developed for the performance of three two-way transmission protocols, i.e., direct transmission (DT) protocol, two-phase two-way relaying (2P-TWR) protocol and 3P-TWR protocol based on the asymptotic expressions of outage probability and BER. On the basis of the theoretical results, the thresholds on the strength (variance) of direct channel and target rate for the relative performance of different protocols are obtained and the effect of interferences at the terminal and relay on the relative performance is analyzed. The results present key insights on how to choose proper two-way transmission protocol with the knowledge of fading channels, required date rate and modulation format to optimize the system performance in the practical interference-limited scenarios. Simulation results are presented to validate the theoretical analysis.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.6 no.12
• /
• pp.3152-3165
• /
• 2012

Wireless sensor networks (WSN) often employ asynchronous MAC scheduling, which allows each sensor node to wake up independently without synchronizing with its neighbor nodes. However, this asynchronous scheduling may not deal with collisions due to hidden terminals effectively. Although most of the existing asynchronous protocols exploit a random back-off technique to resolve collisions, the random back-off cannot secure a receiver from potentially repetitive collisions and may lead to a substantial increase in the packet latency. In this paper, we propose a new collision resolution algorithm called Transient Coordinator (TC) for asynchronous WSN MAC protocols. TC resolves a collision on demand by ordering senders' transmissions when a receiver detects a collision. To coordinate the transmission sequence both the receiver and the collided senders perform handshaking to collect the information and to derive a collision-free transmission sequence, which enables each sender to exclusively access the channel. According to the simulation results, our scheme can improve the average per-node throughput by up to 19.4% while it also reduces unnecessary energy consumption due to repetitive collisions by as much as 91.1% compared to the conventional asynchronous MAC protocols. This demonstrates that TC is more efficient in terms of performance, resource utilization, and energy compared to the random back-off scheme in dealing with collisions for asynchronous WSN MAC scheduling.

• International Journal of Computer Science & Network Security
• /
• v.21 no.8
• /
• pp.342-352
• /
• 2021

Multicast Routings is a big challenge due to limitations such as node power and bandwidth Mobile Ad-hoc Network (MANET). The path to be chosen from the source to the destination node requires protocols. Multicast protocols support group-oriented operations in a bandwidth-efficient way. While several protocols for multi-cast MANETs have been evolved, security remains a challenging problem. Consequently, MANET is required for high quality of service measures (QoS) such infrastructure and application to be identified. The goal of a MANETs QoS-aware protocol is to discover more optimal pathways between the network source/destination nodes and hence the QoS demands. It works by employing the optimization method to pick the route path with the emphasis on several QoS metrics. In this paper safe routing is guaranteed using the Secured Multicast Routing offered in MANET by utilizing the Ant Colony Optimization (ACO) technique to integrate the QOS-conscious route setup into the route selection. This implies that only the data transmission may select the way to meet the QoS limitations from source to destination. Furthermore, the track reliability is considered when selecting the best path between the source and destination nodes. For the optimization of the best path and its performance, the optimized algorithm called the micro artificial bee colony approach is chosen about the probabilistic ant routing technique.